In message <[EMAIL PROTECTED]> you write: |'Amos Shapira wrote:' |> |>I was asking over Linux-ISP about doing cleanup after breakins and got |>many "use tripwire" answers, and one which says that RPM has a verify |>mode which checks for files which were changed since they were |>installed. Can the dpkg maintainers consider adding such a feature |>for Debian? | |What does the rpm verify give you? As far as I can tell it gives a |false sense of security. Nothing more. The rpm database is easily |hacked once root access is attained. | |Tripwire or something similar is the only viable option.
You give the answer yourself :-). What I was thinking about is the ability to verify files against a database on a non-writeable media (or fetched from the net). Someone pointed me to an experimental package called 'dpkgcert', which seems to do just that. Look at the experimental directory on master.debian.org. Cheers, --Amos --Amos Shapira | "Of course Australia was marked for 133 Shlomo Ben-Yosef st. | glory, for its people had been chosen Jerusalem 93 805 | by the finest judges in England." ISRAEL [EMAIL PROTECTED] | -- Anonymous -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
